The company shall establish, implement and maintain a holistic and robust Information Security Management System (ISMS), putting in place adequate and appropriate arrangements which shall enable it to effectively protect "confidentiality",
maintain "integrity" and ensure "availability" of its information assets and to respond and recover from information security incidents when they arise. While planning the ISMS, the company shall take into account its internal
and external issues along with the requirements of the interested parties and determine risks and opportunities which could affect the activities supporting the provision of its products and services. The top management shall
provide the required resources and sufficiently contribute towards the ISMS ensuring it achieves its intended outcome(s).
This Information Security Policy is a key component of overall ISMS framework and should be considered alongside more detailed and organizational specific information security policies. This security policy applies to all employees,
contractors and sub-contractors and on-site third party vendors accessing HDFC ERGO’s information or use HDFC ERGO’s information systems.